package org.triumphxx.interfacetools.aop;

import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.*;
import org.springframework.stereotype.Component;
import org.triumphxx.interfacetools.annotation.Authority;
import org.triumphxx.interfacetools.common.Result;

import java.util.Arrays;


/**
 * @author:triumphxx
 * @Date:2023/8/4
 * @Time:22:19
 * @微信公众号：思考集结处
 * @网站：https://blog.triumphxx.com.cn
 * @GitHub https://github.com/triumphxx
 * @Desc:
 **/
@Component
@Aspect
@Slf4j
public class AuthorityAspect {

    //首先获取登录用户

    //查询该用户权限

    @Pointcut(value = "@annotation(org.triumphxx.interfacetools.annotation.Authority)")
    public void pointcut() {

    }

    @Around("pointcut() && @annotation(authority)")
    public Object doAuthority(ProceedingJoinPoint proceedingJoinPoint,Authority authority) throws Throwable {
        //获取方法的签名 就是整个方法：包括方法类型 返回值 方法名
        String methodLocation = proceedingJoinPoint.getSignature().toLongString();
        //获取到方法名【获取到的方法签名用空格分隔为两部分，所以我们只需要获取第二部分就行了】
        String method = methodLocation.split(" ")[2];
        log.info("开始拦截方法 {}，进行权限校验 ,",method);
        //获取接口参数
        String[] posts = authority.posts();
        //获取当前登录用户的岗位权限 引入Dao进行查询
        String auth = "A";
        //判断 当前登录用户的权限是否满足该接口权限
        Object result;
        if (Arrays.asList(posts).contains(auth)){
            //是否需要放行
            result = proceedingJoinPoint.proceed();
        }else {
            return Result.fail("当前用户无权限");
        }
        return result;
    }
}
